Menu
FREE TRACKED NEXT BUSINESS DAY DELIVERY FOR UK CUSTOMERS, FOR ORDERS OVER £50. Learn more...
Shop by Category

Privacy Policy

Updated 23rd April 2021


Thank you for visiting our website and considering the purchase of our listed products. Our use of your personal information on this Website, when your account is created, and any other interaction between us, is governed by this Privacy Policy.

Tradeto Limited (referred to as ShopTo.Net, we, us or our) recognises the importance of safeguarding your personal information. This Privacy Policy explains how and why we collect and use personal information, and what we do to ensure it is kept private and secure. We are committed to ensuring that your privacy is protected. The personal information you provide when using our website will only be used in accordance with this Privacy Policy.

This policy covers the following topics:

  • Who we are and how to contact us
  • Information we collect
  • Cookies
  • Using your personal information
  • Protection and storage of your personal information
  • Access to your personal information and your rights
  • Information that we share
  • Data transfers
  • PCI DSS Policy
  • Changes to this policy


Our Privacy Policy does not apply to companies that may advertise our website, or to products and services offered by other companies, including those which refer business to ShopTo.Net, except as otherwise provided in this Privacy Policy.
 

1. Who we are and how to contact us

We are Tradeto Limited (company number 85535), trading as ShopTo.Net, registered in Jersey Channel Islands. We use the services of Skream Ltd (Company number 04468861) registered in England & Wales, as care of our UK Handling Support. For the purposes of data protection law, Skream Ltd is the controller of the personal information held about you, this means they have a fiduciary duty to make sure that your rights are protected when we use it and share it. If you have any questions about our Privacy Policy, please write to Skream Ltd Care of ShopTo, Venture House, 2 Arlington Square, Downshire Way, Bracknell, RG12 1WA.
 

2. Information we collect

When purchasing from our webshop www.shopto.net we require the following information to register your account:

  1. Personal information such as your name, address, date of birth, or other identification data
  2. Contact information such as your phone number and email address
  3. Financial information such as partial card numbers and card expiry dates (we do not collect or hold full card numbers, which are held by the payment gateway (on which see section 9 below).


In addition, we may collect information from you when you communicate with us or our Customer support service (in writing or verbally) or when you participate in any survey, promotion, or competition we may run.

We may use some of this information, combined with other information we collect about your spending behaviour and products purchased, to create a profile of you to understand your preferences.

We may also collect information from your computer or device in relation to your use of our website such as IP address, activity logs, cookie and browser identifiers, operating system identifiers, and location identifiers, which help to identify and/or deter fraudulent/suspicious activity on our website.

We do not collect any “special category data” about you, such as your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, criminal convictions or offences, information about your health, and genetic and biometric data, or any other personal data revealing or concerning such types of data.
 

3. Cookies

We use the following cookies:

  1. Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart, or make use of e-billing services.
  2. Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
  3. Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name, and remember your preferences (for example, your choice of language or region).

You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. Please note, if you disable or refuse cookies, some parts of our website may become inaccessible and some functionality may be lost.

 

4. Using your personal information

We will process your personal information to the extent necessary to:

  1. Ship the item purchased from the website to the specified shipping address provided at the time of creating an account or checking out.
  2. Communicate with you via our Customer support Ticket system, phone, text message, notifications, email, or post and otherwise to manage our relationship with you (for example, sending you product updates);
  3. Manage and prevent fraud and other risks to our business;
  4. Provide you with information about changes or updates to ShopTo services that affect your rights and obligations;
  5. Provide you with marketing materials and other news updates and promotions with respect to our products and services, where you have consented to receive such information. You may elect to opt-out of any marketing information we send to you by following the link in any relevant information;
  6. Comply with any relevant law or regulatory obligation;
  7. Contribute to statistical and analytical data relating to your buying habits; and
  8. Build a profile of you to predict your preferences and to customise our marketing material and information to those preferences.


Under data protection laws, we have to have a legal justification to process your personal information, called ‘lawful bases’. The lawful bases we rely on for processing your information are:

  1. Legal obligation – for personal information that is necessary for registering account when you shop with us and financial or accounting aspect of a transactional record keeping;
  2. Consent – for personal information used for marketing, news, updates and promotions, and for collecting and using personal information via certain types of cookies for analytics purposes;
  3. Legitimate interest – for assessing and managing online risk, combatting fraud and criminal activity, marketing, profiling to enable us to tailor our marketing and information we provide to you, contacting you about your account, soliciting feedback, market research, prevention of data breaches, remediation, business analysis, and modelling, service testing and improvement, training, quality assurance, and asserting or protecting ourselves from legal claims. We ensure that the processing performed for this purpose is necessary for fulfilling our legitimate interest and that our interest outweighs your interest in not having your personal data processed for this purpose.


We will only keep your personal and transactional information for as long as HMRC legally requires for financial or accounting requirements. Per statutory requirement, HMRC requires records to be held for up to a minimum of six years.
 

5. Protection and storage of your personal information

Your personal information will predominantly be stored in electronic form in secure cloud-based data centres located in the United Kingdom that may be owned by third parties. Your personal information may also be stored in paper form. All such information whether electronically or physically stored is kept secure using generally accepted standards of security (e.g. encryption).
 

6. Access to your personal information and your rights

You can request access to your personal information by contacting us using the details in section 1. We do not charge for such access unless you make excessive or unfounded requests.
We want you to remain in control of your personal information. Part of this is making sure you understand your legal rights, which are summarised as follows:

  1. The right to be informed about the use of your personal information – this is what this Privacy Policy does;
  2. Where your personal information is processed on the basis of consent, the right to withdraw that consent;
  3. The right to confirmation as to whether or not we are holding any of your personal information and, if we are, to obtain a copy of it;
  4. The right to have certain information provided to you in a portable electronic format;
  5. The right to have inaccurate information rectified;
  6. The right to object to your information being used for marketing or profiling, or on the basis of our or a third party’s legitimate interest;
  7. The right to restrict how your information is used; and
  8. The right to be forgotten, which allows you to have your information erased in certain circumstances.

If you want to exercise any of these rights, please contact us using the details given in section 1. There are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so. We encourage you to look at the UK Information Commissioner’s Office website for detailed information about your privacy rights and our obligations as a controller of your personal information.

If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you should contact the UK Information Commissioner’s Office, which oversees data protection compliance in the UK. Details of how to do this can be found at www.ico.org.uk.
 

7. Information that we share

We do not sell or provide access to your personal information to third parties for them to market directly to you. However, we may share your personal information with third parties for the following purposes:

  1. for any of the purposes listed in Section 4 including, to carry out analytics (including profiling) to improve our product range and enhance customer engagement, for legal or regulatory purposes, to help detect and prevent potentially illegal acts and violations of our and their policies, and to guide decisions about our and their products, services, and communications. Members of our corporate family will use this information to send you marketing communications only if you have consented to such communications;
  2. to payment system providers with which we have contractual relationships in order to process payment and manage a transaction or respond to a query or complaint or improve their service offering;
  3. to third party cloud based storage service providers and other backend systems providers we use;
  4. to third party debt collection agencies in order to enforce our rights, including debt collection;
  5. to our investors, potential acquirers and/or financiers for their due diligence and to any acquirer of part or all of our business;
  6. to our commercial partners to enable them to improve their services to us and to you;
  7. to financial, security and other third-party auditors, including governmental or regulatory bodies, in order to audit our systems, processes and business operations;
  8. to law enforcement, government officials, regulatory authorities, or other third parties pursuant to a court summons, court order, or other legal process or requirement applicable to us or another member of our corporate group; when we need to do so to comply with law or credit card association rules; or when we believe, in our sole discretion, that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of our Customer Terms & Conditions;

We may anonymise your personal information (meaning that you can no longer be identified from it) and use the anonymised data for statistical and analytics purposes (for example, to identify and understand trends about the general use of our services). We may sell, distribute and/or disclose anonymised data to retailers and other third parties. We may also publish anonymised data publicly.

We do not share personal information with any other companies, organisations, or outside individuals unless we have your consent or a legitimate interest to do so.
 

8. Data transfers

Except as set out in this Privacy Policy, we normally only store personal information within the United Kingdom. If one of our subcontractors (such as a payment processor) needs to transfer it outside of the United Kingdom then we will take steps to ensure adequate levels of privacy protection, in line with UK data protection laws. 
 

9. PCI DSS Policy

For security purposes, we do not keep or hold your full debit or credit card data. We use established payment gateway providers to process payments. Our payment gateway providers adhere to a comprehensive set of requirements created by the Payment Card Industry Security Standards Council for ensuring the safe handling of sensitive customer debit and credit card data. Our payment gateway providers are Level 1 Service Providers and are compliant with PCI DSS Version 3.2 standard.
 

10. Changes to this policy

We may amend this Privacy Policy from time to time by posting a revised version on our Website with the effective date of any amendment (which will be stated at the top of this Privacy Policy). If you continue to use our Website following the effective date of any amendment, then you will be deemed to have read and understood the amendment to this Privacy Policy. If you do not accept any amendment to this Privacy Policy, you must contact us using the details in section 1 – you will not be penalised by us, but you should no longer use the Website.